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FIG. 3 



Populate an identity certificate data structure: 

300 

i 

Create an identity public/private key pair. 

302 

i 

Store the identity public key in the identity certificate. 
|g4 

i 

Store a reference to the identity private key in association with the identity 

certificate. 
306 

i 



Derive an identity peer name from the identity public key and store the 
identity peer name in the identity certificate. 

308 



l 


Fill in other fields in the ident 

3' 


ity certificate as appropriate. 
0 






Use the identity private key t 

3' 


o sign the identity certificate. 
2 



I . 

Store the signed identity certificate in the identity certificate store of the 

user who created this peer identity. 
314 



Somin et al.: Teer-to-Peer Identity Management" 
Leydig, Voit & Mayer (312)616-5600 
Attorney Docket 221228 




Somin et al.: B Peer-to-Peer Identity Management* 
Leydig, Voit & Mayer (312)616-5600 
Attorney Docket 221228 




Somin et aL: u Peer-to-Peer Identity Management" 
Leydig, Voit & Mayer (312)616-5600 
Attorney Docket 221228 



FIG. 6 



Populate a group root certificate data structure: 

600 

i 

Create a group root public/private key pair. 

602 

i 

Store the group root public key in the group root certificate. 

604 

I 

Store a reference to the group root private key in association with the 

group root certificate. 
606 

■ i 



Derive a group peer name from the group root public key and store the 
group peer name in the group root certificate. 

608 



1 


r 


Fill in other fields in the group root certificate as appropriate. 

610 






Use the group root private key ti 

6' 


o sign the group root certificate. 
2 



I 

Store the signed group root certificate in the group identity store of the 

identity that created this group. 
614 
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FIG. 8 

Populate a group membership certificate data structure: 

800 

I 

Store the group peer name from the group root certificate in the group 

membership certificate. 
802 



Store a reference to the group root certificate in an issuer field of the 

group membership certificate. 
804 

i 

Fill in other fields in the group membership certificate as appropriate. 

806 

I 

Use a private key to sign the group membership certificate. 

808 

I 

Store the signed group membership certificate in the group identity store 

of the identity that created the group. 
810 
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FIG. 11a 

Receive a copy of a group root certificate. 

1100 



Receive a copy of a chain of one or more group membership certificates. 

1102 



I 



Verify that the group root certificate is valid: 

1104 



Verify that the group peer name in the group root certificate was 
derived, at least in part, from the public key in the group root 

certificate. 
1106 



I 



Verify that the signature of the group root certificate was derived, at 
least in part, from the private key corresponding to the public key in 

the group root certificate. 
1108 



Has 

a failure been detected? 
1110. 

No 



Yes 



0 
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© 



Start with the group membership certificate nearest to the 
group root certificate in the chain: 
1112 



For each group membership certificate, verify that the group 
membership certificate was issued by the issuer indicated in 
the group membership certificate: 
1114 



Verify that the group peer name in the group 
membership certificate matches the group peer name in 
the group root certificate. 
1116 



Verify that the issuer peer name in the group 
membership certificate refers to the certificate next 
closer in the chain to the group root certificate. 

1118 
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FIG. 11c 



© 



1114 (continued) 



Verify that the signature of the group membership 
certificate was derived, at least in part, from the private 
key corresponding to the public key in the certificate next 
closer in the chain to the group root certificate. 

1120 



© 




cz 

Reject the invitation. 
1128 



